These are some of the useful hacks I've written over the years of my geeking. Some were strictly used for personal stuff. Others were written to fill a recurring need in my professional endeavors. And some were written just for the aitch-eee-double-hockey-sticks of it. Feel free to use them, just please provide me with feedback, or improvements, and so on.
I can be contacted using the address jason with this domain name.
sftpsh
A little hack I wrote in late 2000, extending further than notsh, and
allowing non-shell users to execute sftp-server as part of an SFTP call
to the server. This allows them access to files via SFTP, but no other
logins, SCP, or other entry vectors are allowed. Use in conjunction
with chroot'd SSH, and you have a nice multi-layer hardening of your
box from casual attacks. I released a commented version of the code
in May 2001 to a few people in the SSH community. Since then it has
spread out and is used and hosted by others. It also became a basis in
whole or part for other restricted-ssh-shell projects.
( Download:
sftpsh.c
)
scrsh
Yet another stupid simple shell. This time for GNU Screen only. Yeah,
I probably should have researched some restricted shell programs, but
these simple shells always fit the bill with very short turn-around.
Simple code leads to less exploits, leads to happy admins and more
secure systems. This was useful to me since I could lock an account
into a screen session, so their processes wouldn't die when their
connection dropped. Also, with a severely tightened screenrc, this
can serve as a limited shell with menus, windows, et cetera.
( Download:
scrsh.c
)
notsh
A very simple shell that informs the user they do not have shell access
to the server. Simple, stupid, effective.
( Download:
notsh.c
)
dupels
A tool to find and list duplicate files in a specified directory. It uses
the wonderful magic of File::Find::Duplicates, and processes the output
into a format that is easily post-processed by other manual or automated
processes. I found this very useful in locating duplicate files in large
filesystems.
( Download:
dupels
)
retail
A "tail" clone written in Perl, which uses both File::Tail and Term::ANSIColor
and a customizable array of regular expressions to watch a file. It does
single or multiple files, it either runs once or follows, has a default
configuration file as well as an override config file for command line.
Allows you to output color-coded log entries, send pages, whatever. It uses
anonymous subroutines to execute code when a target regex triggers. I used
it for lots of debugging and administrative work.
( Download:
retail
)
crtprt
Takes data on stdin, wraps the vt100 print-escape codes around it, and sends
it to either stdout, the SSH-specified tty, or an rcfile defined tty. Allows
for quick printing from remote servers without a lot of hassle. The rcfile
tty allows you to work-around issues with calling this script from within
GNU Screen.
( Download:
crtprt
)
nu
A "new user" script that help ease transition of DOS/VMS/whatever users
to UNIX. A single script that when softlinked by various names, uses
help files of those names to educate the user on the UNIX equivalent
command. For example, teaches VMS people that "type" is now "cat".
We used this at the University of Louisville to migrate users from a VMS
cluster to the newer UNIX server. Not robust, and still needed work,
but servicable.
( Download script:
nu;
Download script with example help files:
nu.tar.gz
)
wl-bc
This takes standard web logs on stdin and output the total number of bytes
sent out. I got tired of doing this on command line.
( Download:
wl-bc
)
wl-ip
Another quick web logs hack that reports unique IP addresses from log data,
and any DNS hostnames associated with each IP.
( Download:
wl-ip
)
wl-rl
Takes standard web logs on stdin and outputs a sorted list of the unique
referers, one per line.
( Download:
wl-rl
)
wl-sql
This formats standard web logs received on stdin and outputs the parsed
entry as an sql insert command.
( Download:
wl-sql
)
idle
Another oldie. Written either just before or during my first professional
duty as a UNIX sysadmin. Resources were tight in those days (We had hit
a whole MIP!) so we would cull processes of idle users. This was meant
as a utility to help both manual and automated process culling. It simply
reports the minutes idle on a particular device file. Nothing special.
( Download:
idle.c
)
gifmom
Wow. I wasn't going to post this over ten-year-old GIF hacking tool until I
found out it was still being referenced and distributed on the web. Simply
put, this tool allows you to make colors in a GIF transparent, as well as
control interlacing. It will operate on files or redirected I/O. A
useful little utility that uses the GD Library
for its graphics work. This was originally written back when gd was brand
spanking new, so I don't know if the gd API has changed enough in the past
ten years to break this code. I originally used this when I had need of
quick transparency/interlace controls during the early days of the web. I
also used it to create a website called "Make It Clear!" that would operate
on URLs given to it and return the processed image back to the user. Cool
stuff. Enjoy!
( Download:
gifmom.c
)